
United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMEI} 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O. Box 1450 

Alexandria, Virginia 22313-1450 
www.uspto.gov 



APPLICATION NO. 


FILING DATE 


FIRST NAMED INVENTOR 


ATTORNEY DOCKET NO. 


CONFIRMATION NO. 


10/720,119 


11/25/2003 


Robert C. Knauerhase 


42339-191615 


4372 



26694 7590 11/28/2007 

VENABLE LLP 
P.O. BOX 34385 

WASHINGTON, DC 20043-9998 



EXAMINER 



ABEDIN, SHANTO 



ART UNIT 



2136 



PAPER NUMBER 



MAIL DATE 



DELIVERY MODE 



1 1/28/2007 PAPER 

Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



Office Action Summary 


Application No. 

10/720,119 


Applicant(s) 

KNAUERHASE ET AL 


Examiner 

Shanto M Z Abedin 


Art Unit 

2136 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 03 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 
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DETAILED ACTION 



1. 



This office action is in response to the communication filed on 08/3 1/2007. 



2. 



Claim 1-28 are pending in the examination. 



3. 



Claim 1-28 have been rejected. 



Response to Arguments 



4. 35 USC 101 type rejection: The applicant's arguments regarding previous 35 USC 
101 type rejections are considered in light of the amendments made to the specification, 
however, upon further consideration, the claimed subject matter still found to be directed to 
non-statutory subject matter, and therefore previous 35 USC 101 type rejection of claims 12- 
19 and 25-28 are maintained (please see below for detail). 

5. 35 USC 102 (b) rejection: Regarding the previous 35 USC 102 (b) type rejection, the 
applicant primarily argues that reference Traw et al fails to disclose using an identity of a 
first device established via a first physical communication link for authentication of 
communication sent from the first device via a second physical communication link. The 
applicant's above arguments are fully considered, however, the examiner respectfully 
disagrees with the applicant for the following reasons. 

Reference Traw et al does not expressly teach such first and second physical 
communication channels, however, Traw et al still teaches enablement of (a) establishing a 
content/ front/ authentication/ insecure physical communication channel, and a full control/ 
background/ encrypted/ secure physical communication channel ( Par 0033-0123), and (b) 
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plurality of communication channel subsystems for different type of communication. 
Although Traw et al primarily uses IEEE 1394 bus/ interfaces for all communication 
channels , NOWHERE in Traw et al it suggests (a) using a single or same communication 
channel for both establishing identity/ authentication, and receiving established identity (see 
Fig 7, Par 0030-0040; 0123), or (b) two separate communication channels (for establishing 
identity, and receiving established identity) can not be created using IEEE 1394 interfaces. 

Furthermore, in response to the applicant's argument that reference Traw et al fails to 
disclose a "physical" communication link, the examiner respectfully disagrees since 
communication channels shown in Traw et al are IEEE 1394 compatible, and NOWHERE 
in Traw et al it is suggested that communication channels are non-physical or virtual in 
nature. Furthermore, incorporation of such "physical" communication link raises a question 
for written description requirement / new matter situation (please see below). 

In the case, support for inherency or enablement is still found arguable by the 
applicant, the examiner incorporates a newly found ground of rejection, and these arguments 
are further moot in view of new ground of rejection (please see below for detail). 

Specification 

6. New abstract submitted on 08/3 1/2007 is accepted, and previous objection to abstract 
is withdrawn. 

Claim Rejections - 35 USC § 112 

The following is a quotation of the first paragraph of 35 U.S.C. 112: 
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The specification shall contain a written description of the invention, and of the manner and process of making 
and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the art to which it pertains, or 
with which it is most nearly connected, to make and use the same and shall set forth the best mode contemplated by the 
inventor of carrying out his invention. 

7. Claims 1-28 are rejected under 35 U.S.C. 1 12, first paragraph, as failing to comply 
with the written description requirement. The claim(s) contains subject matter which was 
not described in the specification in such a way as to reasonably convey to one skilled in the 
relevant art that the inventor(s), at the time the application was filed, had possession of the 
claimed invention. 

In particularly, description or examples of a "physical communication link" is not 
found in the originally file specification. Since specification of the instant application 
describes such communication links to be wireless (non physical!), it is not clear whether 
term "physical" communication link referring to a non-wireless communication link, or a 
non- virtual communication link. Therefore, claim languages fail to comply with the written 
description requirement. 

As best understood, these claims are further examined as below. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and requirements of this 
title. 

8. Claims 12-19 and 25-28 are rejected under 35 USC 101 as the claimed invention is 
being directed to non-statutory subject matter. 
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Regarding claims 12-19 and 25-28, they recite the limitation "machine readable 
medium" that comprises electrical, optical and acoustical signals (as disclosed in 
specification, Par [0012]) which are non-statutory subject matter since no physical storage of 
such signals are claimed, rather a non-statutory signal is claimed as machine readable 
medium. See MPEP 2106.01 [R-5]. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections 

set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that 
the subject matter as a whole would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

9. Claims are rejected under 35 U.S.C. 102(e) as anticipated by TRAW et al (US 
2002/0007452A1) or, in the alternative, under 35 U.S.C. 103(a) as obvious over Davis et al 
(US 6088450) 

Regarding claim 1 and 12, TRAW et al discloses method/ machine readable 
medium, comprising: 

a) transmitting and receiving data with a second device via a first communication 
link (Fig 2,5; Par [0009], [0030]-[0040], [0077]; establishing a full control/ background/ 
encrypted/ secure communication channel as first communication link) to a first device to 
establish an identity of the first device (Fig 2,5, 7; Par [0009], [0030]-[0040], [0077]; 
identity/ random challenge/ certificates procedure to establish identity for the devices ); and 
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b) using the established identity of the first device for authentication of 
communications from the first device received by the second device via a second 
communication link (Fig 2, 7, 8; Par [0030]-[0040], [0047]; starting at par [0077], [0101] - 
[0123]; creating an encrypted content channel or subsystem for protected content or full 
authentication or key exchange response once identity/ authentication is established). 

Traw et al further teaches enablement of such communication links to be two 
separate physical communication link ( Traw et al teaches enablement of establishing 
physical content/ front/ authentication/ insecure communication channel, and physical full 
control/ background/ encrypted/ secure communication channel since they are IEEE 1394 
interfaces/ bus; Fig 7; Par 0033-0123). 

Alternatively, if the inherency for "using an identity of a first device established via a 
first physical communication link for authentication of communication sent from the first 
device via a second physical communication link" are not found to be supportable, the 
examiner holds the position that it would have been obvious to a person with ordinary skill in 
the art to modify Traw et al to further include these limitations as taught by Davis et al 
(please see Fig 6A, 6B; Col 3, line 52-Col 4, line 40; Col 6, line 50 - Col 8 5 line 36; 
establishing separate communication links for authentication, and for response) with a 
reasonable expectation of forming the claimed method , and a reasonable expectation of 
success. 
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Davis et al and Traw et al are analogous art because they are from the same field of 
endeavor of authentication system. At the time of invention, it will be obvious to a person 
with ordinary skill in the art to combine the teaching of Davis et al with Traw et al to 
design a method further comprising a first physical communication link for authentication, 
and a second physical communication link in order to provide alternative robust 
communication. 

Regarding claim 20, it is rejected applying as above rejecting claim 1, furthermore, 
TRAW et al discloses an apparatus comprising: 

a first module adapted to establish an identity of a client device to a server via at least 
a first communications link (Fig 8; starting at Par [0042]; starting at Par [0077]- [0131]; 
random challenge or certificates exchange/ matching for establishing identity/ 
authentication) and 

a second module adapted to authenticate the client device on another communication 
link based on established identity (starting at Par [0042]; Par [0077], [0120]; starting at Par 
[0131]; sending device authentication result/ message once authentication established). 

Traw et al further teaches enablement of such communication links to be two 
separate physical communication link ( Traw et al teaches enablement of establishing 
physical content/ front/ authentication/ insecure communication channel, and physical full 
control/ background/ encrypted/ secure communication channel since they are IEEE 1394 
interfaces/ bus; Fig 7; Par 0033-0123). 
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Alternatively, if the inherency for "using an identity of a first device established via a 
first physical communication link for authentication of communication sent from the first 
device via a second physical communication link" are not found to be supportable, the 
examiner holds the position that it would have been obvious to a person with ordinary skill in 
the art to modify Traw et al to further include these limitations as taught by Davis et al 
(please see Fig 6A, 6B; Col 3, line 52-Col 4, line 40; Col 6, line 50 - Col 8, line 36; 
establishing separate communication links for authentication, and for response; Davis et al 
further discloses devices to authenticate and establish identity, see Fig 6A and 6B) with a 
reasonable expectation of success. 

Regarding claim 25, it is rejected applying as above rejecting claims 1 and 20, 
furthermore, TRAW et al discloses machine readable medium that provides instructions, 
when executed by a computing platform, cause said computing platform to perform 
operations comprising a method of: 

transmitting and receiving data with a client via a first communication link to a server 
to establish an identity of the client (Fig 8; starting at Par [0042]; starting at Par [0077]- 
[0131]; key exchange or random challenge or certificates exchange/ matching for 
establishing identity; using proxies); and 

transmitting and receiving data with the client via a second communication link 
between the client and the server using the established identity (starting at Par [0042]; Par 
[0077], [0120]; starting at Par [0131]; device authentication; proxy server authentication). 
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Traw et al further teaches enablement of such communication links to be two 
separate physical communication link ( Traw et al teaches enablement of establishing 
physical content/ front/ authentication/ insecure communication channel, and physical full 
control/ background/ encrypted/ secure communication channel since they are IEEE 1394 
interfaces/ bus; Fig 7; Par 0033-0123). 

Alternatively, if the inherency for "using an identity of a first device established via a 
first physical communication link for authentication of communication sent from the first 
device via a second physical communication link" are not found to be supportable, the 
examiner holds the position that it would have been obvious to a person with ordinary skill in 
the art to modify Traw et al to further include these limitations as taught by Davis et al 
(see Fig 6A, 6B; Col 3, line 52-Col 4, line 40; Col 6, line 50 - Col 8, line 36; establishing 
separate communication links for authentication, and for response) with a reasonable 
expectation of forming the claimed method , and a reasonable expectation of success. 

Regarding claim 2> it is rejected applying as above rejecting claim 1, furthermore, 
TRAW et al discloses the method further comprising transferring the established identity to 
the second communication link (Fig 2; Par [0039],[0047], [0077], [0108]; Claim 1, 5; 
transferring content/ information in content channel once authentication is completed in 
control channel; therefore, device authentication established in control channel is used to 
communicate over content channel) . Traw et al further teaches enablement of second 
physical communication link ( Traw et al teaches enablement of establishing physical 
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full control/ background/ encrypted/ secure communication channel since they are IEEE 
1394 interfaces/ bus; Fig 7; Par 0033-0123). 

Alternatively, if the inherency for "transferring the established identity to the second 
communication link 11 are not found to be supportable, the examiner holds the position that it 
would have been obvious to a person with ordinary skill in the art to modify Traw et al to 
further include these limitations as taught by Davis et al (please see Fig 6A, 6B; Col 3, 
line 52-Col 4, line 40; Col 6, line 50 - Col 8, line 36; establishing separate communication 
links for transmitting response message ) with a reasonable expectation of forming the 
claimed method , and a reasonable expectation of success. 

Regarding claim 3, it is rejected applying as above rejecting claim 2, furthermore, 
TRAW TRAW et al discloses the method comprising sending a nonce to the first device via 
the first communication link; and receiving at the second device at least one of the nonce and 
a function of the nonce from the first device via second communication link (Fig 3(a),(B); 
Par [0010], starting at [0080]; random / hash functions/ certificates for authentication). 

Regarding claim 4, TRAW et al discloses the method further comprising encrypting 
the nonce at the second device for the first device (Fig 3(a), 3(B); Par [0010], starting at 
[0081]; Claim 1, 10; encrypted random challenges). 

Regarding claim 5, it is rejected applying as above rejecting claim 1 and 2, 
furthermore, TRAW et al discloses the method further comprising: receiving a nonce at the 
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first device via the first communication link; and sending at least one of the nonce and a 
function of the nonce from the first device via the second communication link (Fig 3(a), 
3(B); Par [0010], starting at [0081]). 

Furthermore, Davis et al discloses_receiving a nonce at the first device via the first 
communication link; and sending at least one of the nonce and a function of the nonce from 
the first device via the second communication link (Fig 6A, 6B; Col 3, line 52-Col 4, line 
40; Col 6, line 50 - Col 8, line 36). 

Regarding claim 6, it is rejected applying as above rejecting claims 2 and 5, 
furthermore, TRAW et al discloses the method further comprising: determining an optimal 
communication link from a plurality of communications links between the first device and 
second device; and using the established identity for communication between the first device 
and the second device via the optimal communication link (Fig 2, 8; Col 6, starting at par 
[0077]; selecting from plurality of the background/ front communication channels). 

Regarding claim 7, it is rejected applying as above rejecting claims 2 and 5, 
furthermore, TRAW et al discloses the method further comprising: 

periodically sending a nonce from the second device via the first communication link 
to the first device (Par [0105], [0110]; periodic or regular basis update/ authentication of the 
control channel keys); and 
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maintaining the second communication link with the first device only if a response to 
the nonce is received from the first device via the second communication link (starting at Par 
[0083]; Par [01 10]; Claim 1; matching random challenges/ keys to values; maintaining/ 
canceling communication) . 

Furthermore, Davis et al discloses periodically sending a nonce from the second 
device via the first communication link to the first device ;and maintaining the second 
communication link with the first device only if a response to the nonce is received from the 
first device via the second communication link (Fig 6A, 6B; Col 3, line 52-Col 4, line 40; 
Col 6, line 50 - Col 8, line 36). 

Regarding claim 8, TRAW et al discloses the method wherein b) comprises: 
determining an address of the first device; and authenticating communications received from 
the address as being from the first device (Par [0025], [0080], [0128]; device specific 
information/ id / certificates). 

Regarding claim 9, it is rejected applying as above rejecting claims 2 and 5, 
furthermore, TRAW et al discloses the method wherein b) comprises: 

transmitting security credentials from the second device to the first device via the first 
communications link (starting at Par [0081]; transmitting shared secret key; Page 5, starting 
at Par [0098]; transmitting signature/ certificates); and 
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identifying communications that utilize the security credentials received at the second 
device over the second communications link as being from the same first device (starting at 
Par [0081]; transmitting/ exchanging keys/ challanges ; starting at Par [0098]). 

Regarding claim 10, it is rejected applying as above rejecting claims 2 and 5, 
furthermore, TRAW et al discloses the method further comprising: 

receiving the security credentials at the first device (starting at Par [0081]; 
transmitting shared secret key; Page 5, starting at Par [0098]; transmitting signature/ 
certificates); 

encrypting data using the security credentials (Par [0010], starting at [0081]; Claim 1, 
10; encrypted random challenges); and 

sending the encrypted data via the second communications link (Page 4, starting at 
Par [0081]; Page 5, starting at Par [0098]; transmitting encrypted contents). 

Regarding claim 11, TRAW et al discloses the method further comprising decrypting 
encrypted data received via the second communications link at the second device in order to 
identify the first device (Par [0045], [0125]). 

Regarding claims 13-19, they recite the limitations of claims 1-12, therefore, they are 
rejected applying as above rejecting claims 1-12. 
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Regarding claims 21-24 and 26-28, they recite the limitations of claims 1-1 1, 20 and 
25, therefore, they are rejected applying as above rejecting claims 1-1 1, 20 and 25. 

Conclusion 

10. Applicant's amendment necessitated the new ground(s) of rejection presented in this Office 
action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is 
reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until 
after the end of the THREE-MONTH shortened statutory period, then the shortened statutory 
period will expire on the date the advisory action is mailed, and any extension fee pursuant 
to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. See 
MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for response to this action is set to expire in 3 (Three) 
months and 0 (Zero) days from the mailing date of this letter. Failure to respond within the 
period for response will result in ABANDOMENT of the application (see 35 U.S.C 133, 
M.P.E.P 710.02(b)). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Shanto M Z Abedin whose telephone number is 571-272- 
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3551, and fax number is 571-273-3551. The examiner can normally be reached on M-F 
from 9:00 AM to 5:30 PM. If attempts to reach the examiner by telephone are unsuccessful, 
the examinees supervisor, Moazzami Nasser, can be reached on 571-272-4195. For more 
information about the PAIR system, see http://pair-direct.uspto.gov. Should you have 
questions on access to the Private PAIR system, contact the Electronic Business Center 
(EBC) at 866-217-9197 (toll-free). 

Shanto M Z Abedin 



Examiner, 2136 
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SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




